| From: | John R Pierce <pierce(at)hogranch(dot)com> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: To all who wish to unsubscribe |
| Date: | 2017-11-21 18:52:08 |
| Message-ID: | c0e9cc29-560c-a7e5-86d6-24ba9941039d@hogranch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-www |
On 11/21/2017 10:39 AM, Andrew Sullivan wrote:
> On Mon, Nov 20, 2017 at 02:46:08PM -0800, Steve Atkins wrote:
>> That's poor practice, for several reasons - replay attacks with added content
>> and it being an extremely rare practice that's likely to trigger bugs in DKIM
>> validation are two. The latter is the much bigger deal.
>>
>> It also doesn't help much for most MIME encoded mail (including base64
>> encoded plain text, like the mail I'm replying to).
>>
>> Pretending those paragraphs aren't there is the right thing to do.
> Yes. Also the DMARC and forthcoming ARC mechanisms -- super important
> for people behind gmail and yahoo and so on -- make that feature not
> really work, AFAICT. I think that part of DKIM is busted, and the
> authors of it I've talked to seem to agree.
it seems to *ME* like a simpler solution to the original problem would
have been to simply STRIP any DKIM out of the original messages, and
continue to munge headers and footers like mail list reflectors have
been doing for decades.
--
john r pierce, recycling bits in santa cruz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steve Atkins | 2017-11-21 18:53:19 | Re: To all who wish to unsubscribe |
| Previous Message | Andrew Sullivan | 2017-11-21 18:50:08 | Re: Nightmare? was unsubscribe |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steve Atkins | 2017-11-21 18:53:19 | Re: To all who wish to unsubscribe |
| Previous Message | Stephen Frost | 2017-11-21 18:48:50 | Re: migrations (was Re: To all who wish to unsubscribe) |